<?php session_start(); include("../modules/include/Config.php"); requir

1. <?php
2. session_start();
3.  
4. include("../modules/include/Config.php");
5. require_once("../modules/include/Security.php");
6. require_once("../modules/include/sqlConn.php");
7.  
8.  
9. mssql_select_db($dbName1, $dbConn) or die ("Couln't select database $dbName1");
10.  
11. if(isset($_SESSION['loggedin'])) {
12. header("location:./../"); //// Problem
13. } else {
14. if(isset($_POST['submit'])) {
15.  
16. $check = new security();
17.  
18. $message = null;
19. if($check->is_secure($_POST['username']) == false) $message[] = "";
20. if ($check->is_secure($_POST['password']) == false) $message[] = "";
21.  
22. if(count($message) > 0) {
23. for($i = 0; $i < count($message); $i++) {
24. print $message[$i];
25. header("location:./../?invalidData");
26. }
27. return;
28. } else {
29. $username = $_POST['username'];
30. $password = md5($_POST['password']);
31. $verifyAccount = mssql_num_rows(mssql_query("select * from TB_User where StrUserID = '$username' AND password = '$password'"));
32. if($verifyAccount <= 0) {
33. header("location:./../?failedLogin");
34. } else {
35. $_SESSION['loggedin'] = "YES";
36. $_SESSION['name'] = $username;
37. header("location:./../"); //// Problem2
38. }
39. }
40.  
41. }
42. }
43. ?>